Real Time Payments Are Coming – Start Getting Ready Now

The world moves at the speed of data. As such, consumers and businesses alike expect to conduct financial transactions as quickly as they do anything else online. Enter real time payments (RTPs). Offering RTPs is mostly voluntary right now, but that is about to change. Mandatory RTPs are coming to Europe by the end of the year. They are already in play in other parts of the world.

The European Parliament and Council reached a provisional agreement last year to mandate instant payments throughout the European Union. With that agreement in place, formal rules are expected by the end of this year. Financial institutions will be required to provide instant payment services in the form of RTPs, services that facilitate the transfer of funds between parties in seconds.

European banks have a model to look to in the U.S. FedNow service, a service already being used by more than 300 financial institutions. Meanwhile, estimates suggest that more than 27% of all global electronic payments will be instant payments by 2027. The EU’s new rules will certainly contribute to that number.

Instant Payments Invite Fraud

The good side of instant payments is that they make transacting business easier. Unlike the current ACH transfer system that routinely delays settlement for hours or days, RTP systems can settle things nearly instantly. A basic RTP transaction involves the following:

1. The payer initiates a transaction through a bank app, a website, or other means.
2. The bank sends a transfer request to the RTP network.
3. The network verifies the payer’s account and funds to ensure availability.
4. Funds are instantly transferred from the payer’s account to the recipient’s account.
5. Both payer and recipient receive confirmation of the transaction.

Although convenient, RTPs are subject to fraud for the same reasons other network transactions are. Networks are vulnerable to cybercriminals capable of intercepting traffic, scamming people through phishing, and other techniques.

Risks Specific to RTPs

Protecting RTPs against fraud will require a concerted effort among financial institutions, payment processors, cybersecurity experts, and fraud prevention specialists. Researchers are still learning about RTP security and fraud prevention techniques. At the current time, the Outseer fraud prevention specialists highlight several specific risks that require attention:

• Little Time – Because RTPs are nearly instantaneous, there is little time to detect and prevent fraudulent activity at the time of a transaction.
• Immutable Transactions – RTPs are immutable transactions. Once done, they cannot be undone. That means recovering stolen funds is much more difficult.
• Prone to Phishing – RTPs do nothing to prevent phishing attacks. Scammers will continue to go after payers through manipulation, social engineering, etc.
• Increased Attack Surfaces – Implementing RTP networks increases the number of attack surfaces cybercriminals have to work with. Experts expect hackers to target networks and data storage systems.

Protecting instant payments against cyberattacks and fraud will be challenging, but not impossible. Those security experts now out in front will lead the way in guaranteeing that RTPs are as secure as humanly possible. But maximizing fraud protection strategies will require a cooperative effort among security specialists and financial institutions.

RTP Is the Future of Payments

All signs point to RTP as being the future of digital payments. The old ACH system has done its job in facilitating payments globally. But its day has passed. With the dawn of instant payments, new networks and payment technologies are emerging.

Instant payments will be in full swing in Europe by the end of this year. Within a couple of years, they could be the norm globally. Is your organization preparing for them? If not, get started. Do not be caught unprepared when RTPs arrive in earnest.